* Fix pylint warnings across all 24 Python files in web_server - Add module, class, and function docstrings (C0114, C0115, C0116) - Fix import ordering: stdlib before third-party before local (C0411) - Replace wildcard imports with explicit named imports (W0401) - Remove trailing whitespace and add missing final newlines (C0303, C0304) - Replace dict() with dict literals (R1735) - Remove unused imports and variables (W0611, W0612) - Narrow broad Exception catches to specific exceptions (W0718) - Replace f-string logging with lazy % formatting (W1203) - Fix variable naming: UPPER_CASE for constants, snake_case for locals (C0103) - Add pylint disable comments for necessary global statements (W0603) - Fix no-else-return, simplifiable-if-expression, singleton-comparison - Fix bad indentation in stripe.py (W0311) - Add encoding="utf-8" to open() calls (W1514) - Add check=True to subprocess.run() calls (W1510) - Register Celery task modules via conf.include * Update `package-lock.json` add peer dependencies
"""Input sanitization and validation utilities."""
from typing import Optional, List
from re import match
from database.database import Database
def get_all_categories() -> Optional[List[dict]]:
    """Fetch every row of the ``categories`` table.

    The statement is a fixed string with no interpolated values, so no
    caller-supplied data reaches the SQL text in this function.

    Returns:
        Whatever ``Database.fetchall`` yields for the query. The annotation
        suggests a list of dict rows or ``None``; ``Database`` is defined
        elsewhere, so confirm against its implementation.
    """
    query = "SELECT * FROM categories"
    with Database() as connection:
        rows = connection.fetchall(query)

    return rows
def get_all_tags() -> Optional[List[dict]]:
    """Fetch every row of the ``tags`` table.

    The statement is a fixed string with no interpolated values, so no
    caller-supplied data reaches the SQL text in this function.

    Returns:
        Whatever ``Database.fetchall`` yields for the query. The annotation
        suggests a list of dict rows or ``None``; ``Database`` is defined
        elsewhere, so confirm against its implementation.
    """
    query = "SELECT * FROM tags"
    with Database() as connection:
        rows = connection.fetchall(query)

    return rows
def get_most_popular_category() -> Optional[List[dict]]:
    """Look up the category whose live streams have the most viewers.

    Streams with ``isLive = 1`` are joined to their category, grouped by
    category name, ordered by the summed ``num_viewers`` and cut to one row.
    The statement is a fixed string; nothing caller-supplied is interpolated.

    Returns:
        The result of ``Database.fetchone`` for the query.
        NOTE(review): the annotation says ``List[dict]`` but a single-row
        fetch is used, so a single row (or ``None`` when no stream is live)
        looks more likely. Confirm against ``Database``.
    """
    query = """
        SELECT categories.category_id, categories.category_name
        FROM streams
        JOIN categories ON streams.category_id = categories.category_id
        WHERE streams.isLive = 1
        GROUP BY categories.category_name
        ORDER BY SUM(streams.num_viewers) DESC
        LIMIT 1;
    """
    with Database() as connection:
        top_category = connection.fetchone(query)

    return top_category
def get_category_id(category_name: str):
    """Resolve a category name to its ``category_id``.

    The name is bound through a ``?`` placeholder rather than formatted into
    the SQL text, so a caller-supplied name is passed as data, not as SQL.

    Args:
        category_name: Exact name to look up in ``categories``.

    Returns:
        The ``category_id`` value of the matching row.
    """
    query = """
        SELECT category_id
        FROM categories
        WHERE category_name = ?
    """
    params = (category_name,)
    with Database() as connection:
        row = connection.fetchone(query, params)

    # NOTE(review): presumably fetchone returns None when no row matches
    # (Database is defined elsewhere -- confirm). In that case the subscript
    # below raises TypeError, so callers passing request-supplied names should
    # be prepared to turn that into a "not found" response.
    return row["category_id"]
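def sanitize(user_input: str, input_type="default") -> str:
    """Validate *user_input* against the allow-list rule for *input_type*.

    Despite the name, nothing is escaped or rewritten apart from stripping
    leading and trailing whitespace: the value is either accepted unchanged
    or rejected. Passing this check does not make a value safe to embed in
    SQL, HTML or a shell command; callers still need parameterised queries
    and context-appropriate output encoding.

    Args:
        user_input: Raw value received from the client.
        input_type: Rule to apply: ``"username"``, ``"email"``,
            ``"password"`` or ``"default"``. An unknown type is rejected.

    Returns:
        The input with leading and trailing whitespace removed.

    Raises:
        ValueError: If the value is not a string, the type is unknown, the
            stripped length is outside the rule's bounds, or the stripped
            value does not match the rule's pattern.
    """
    # Non-str values (for example None) would otherwise escape as
    # AttributeError or TypeError instead of the ValueError that callers of a
    # validator are expected to handle, so reject them the same way.
    if not isinstance(user_input, str):
        raise ValueError("Unaccepted character or length in input")

    # Strip leading and trailing whitespace. This applies to passwords too,
    # so the checked (and returned) secret can differ from what was typed;
    # registration and login must both use the returned value.
    sanitised_input = user_input.strip()

    # Allowed pattern and length bounds (in characters) for each type.
    rules = {
        "username": {
            "pattern": r"^[a-zA-Z0-9_]+$",  # ASCII alphanumerics + underscores
            "min_length": 3,
            "max_length": 50,
        },
        "email": {
            # Simplified address shape check, not a full RFC grammar.
            "pattern": r"^[a-zA-Z0-9_.+-]+@[a-zA-Z0-9-]+\.[a-zA-Z0-9-.]+$",
            "min_length": 5,
            "max_length": 128,
        },
        "password": {
            "pattern": r"^[\S]+$",  # Non-whitespace characters only
            "min_length": 8,
            "max_length": 256,
        },
        "default": {
            # Word characters and whitespace. On str patterns \w includes
            # non-ASCII letters and digits and \s includes newlines and tabs,
            # so multi-line and non-ASCII text is accepted here.
            "pattern": r"^[\w\s]+$",
            "min_length": 1,
            "max_length": 50,
        },
    }

    # Get the validation rules for the specified type; an unknown type has no
    # rule and is rejected rather than falling back to "default".
    rule = rules.get(input_type)
    if (not rule
            or not (rule["min_length"] <= len(sanitised_input) <= rule["max_length"])
            or not match(rule["pattern"], sanitised_input)):
        raise ValueError("Unaccepted character or length in input")

    return sanitised_input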